Gandy, RJ and Hennell, M (2014) Public ICT Procurement - Maximising Quality Whilst Minimising Risk. International Public Procurement Conference 2014_Book Of Proceedings.
Gandy R & Hennell M (2014) Public ICT Procurement - Maximising Quality Whilst Minimising Risk Paper for IPPC6.pdf - Accepted Version
The authors have liaised with the UK Government over time to highlight the risks associated with the procurement of ICT systems in the public sector and how they should best be addressed, given its unfortunate history of failed projects and the current systems security agenda. Their focus has been the integral issue of the assurance of software quality. This resulted in their being invited to submit independent “Third Party Guidance” which covers both the available procurement process options and the technical issues and opportunities (drawing on lessons from Industry). The guidance was submitted in February 2013, and after due consideration, it has now been circulated to Government teams that have an interest in this area, including the Government Procurement Service itself. There were two main components to the guidance: Technical aspects and Procurement processes. Technical aspects: There are industrial standards to ensure process quality for both hardware and software. The software component of any system is usually the most problematic, in part because there are a number of different, existing standards. These vary from the largely arbitrary and advisory (e.g. Carnegie Mellon Software Institute’s Capability Maturity Model, Level Five (CMM5)) to the prescriptive (e.g. Avionics’ DO-178b). In addition, the Motor Industry Software Reliability Association (MISRA) has a range of programming standards, which are adopted worldwide. CMM5 has been used in the procurement of public sector systems, but this falls short of what is required, and so greater emphasis should be placed on the level of criticality involved in systems. There are many causes for problems. Some of these are perceived (e.g. avaricious ICT suppliers fool the naïve civil servants and Government ministers), some are root causes (e.g. changing requirements impacting on bolt-on protective and corrective actions) and some are faulty assumptions (e.g. using tried and trusted systems as the basis for new systems will lead to more reliability). There are potential solutions to the problems facing Government Acquired Software, which have different merits. They include: contractual mechanisms; requirements freeze; wrappers; and agile techniques. Lessons should be learned from industries with consistent, successful records of implementing software systems: Nuclear, Avionics and Telecommunications. Specific ways in which the risks inherent in public sector software-based systems can be reduced were then recommended. Procurement processes: Whilst public procurement processes usually place responsibility for the efficacy of software squarely with the providers, failures still occur. A basic premise in the purchase of any artefact is the balance between price and quality, with the general rule (assumed) that the higher the quality the higher the price. Yet the particular problem for information systems is that there is usually no discernable quality assessment visible to either the purchaser or even the provider. Three options were presented for improving procurement processes to minimise the risks associated with poor-quality software: Accreditation Approach; Consortia Approach; and, Contract Requirement. The latter was recommended as the most practical way forward, which can be quickly acted upon. The ongoing collection and collation of results from related audits can then strengthen Government intelligence.
|Subjects:||H Social Sciences > HF Commerce
J Political Science > JF Political institutions (General)
|Divisions:||Liverpool Business School|
|Publisher:||International Public Procurement Conference|
|Date Deposited:||24 Mar 2016 12:02|
|Last Modified:||24 Mar 2016 12:02|
Actions (login required)